Appl. No. 09/998,893 PATENT 
Amdt. dated May 4, 2009 

Amendment under 37 CFR 1.116 Expedited Procedure 
Examining Group 2437 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 

application: 

Listing of Claims: 

1 . (Currently Amended) A method comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, wherein 
each workflow in said plurality of workflows corresponds to a different set of characteristics for 
a user, wherein the first workflow contains a first set of directives and a second workflow in said 
plurality of workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives, wherein said first workflow calls for obtaining an 
approval from an entity associated with the first user and identified in a user profile for the first 
user maintained by the Identity System before performing a certificate related action, wherein 
said second workflow does not call for obtaining an approval before performing a certificate 
related action, wherein said first workflow for responding to said request corresponds to said first 
certificate related action and a set of characteristics for said first user from the identity profile for 
the first user , the set of characteristics for the first user including a user type for the first user, 
and wherein retrieving the first workflow further comprises selecting the first workflow from the 
plurality of workflows based on the first certificate related action and the user type of the first 
user. 

2. -6. (Canceled) 
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7. (Previously Presented) The method of claim 1, further comprising: 
receiving said plurality of workflows. 

8. (Previously Presented) The method of claim 1, further comprising: 
performing said first workflow, wherein performing said first workflow 

retrieving an approval response from the entity associated with the first 

obtaining a certificate. 

9. (Previously Presented) The method of claim 8, further comprising: 
receiving a second request for a second certificate related action for a second user 

wherein the second certificate related action is selected from a group consisting of a certificate 
enrollment action, a certificate renewal action, and a certificate revocation action; 

retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a set of characteristics for said second user from an identity profile for the 
second user maintained by the Identity System, the set of characteristics including a user type for 
the second user, and wherein retrieving the second workflow further comprises selecting the 
second workflow from the plurality of workflows based on the second certificate related action 
and the user type of the second user; and 

performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certificate without retrieving an approval response. 

10. (Previously Presented) The method of claim 9, wherein said first 
certificate related action is a certificate enrollment action and said second certificate related 
action is a certificate enrollment action. 



comprises: 
user; and 
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1 1 . (Previously Presented) The method of claim 9, wherein said first 
certificate related action is a certificate renewal action and said second certificate related action 
is a certificate renewal action. 

12. (Previously Presented) The method of claim 1, further comprising: 
performing said first workflow, wherein said first certificate related action is a 

certificate enrollment action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

13. (Previously Presented) The method of claim 1, further comprising: 
performing said first workfiow, wherein said first certificate related action is a 

certificate renewal action and wherein performing said first workfiow comprises: 

obtaining a certificate renewal, wherein obtaining the certificate renewal 

comprises: 

authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving a certificate renewal acknowledgement. 

14. (Previously Presented) The method of claim 1, further comprising: 
performing said first workfiow, wherein said first certificate related action is a 

certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
authenticating said first user; and 

forwarding said request to a Certificate Processing Server. 

15. (Canceled) 
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16. (Currently Amended) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one or more processors to perform a method 
comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, wherein 
each workflow in said plurality of workflows corresponds to a different set of characteristics for 
a user, wherein the flrst workflow contains a first set of directives and a second workfiow in said 
plurality of workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives, wherein said flrst workflow calls for obtaining an 
approval from an entity associated with the flrst user and identifled in a user proflle for the flrst 
user maintained by the Identity System before performing a certiflcate related action, wherein 
said second workflow does not call for obtaining an approval before performing a certiflcate 
related action, wherein said flrst workflow for responding to said request corresponds to said flrst 
certiflcate related action and a set of characteristics for said flrst user from the identity proflle for 
the flrst user , the set of characteristics for the flrst user including a user type for the flrst user, 
and wherein retrieving the flrst workflow further comprises selecting the flrst workflow from the 
plurality of workflows based on the flrst certiflcate related action and the user type of the flrst 
user. 

17. -19. (Canceled) 

20. (Previously Presented) One or more processor readable storage devices 
according to claiml6, wherein said method further comprises: 
receiving said plurality of workflows. 
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2 1 . (Previously Presented) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein performing said first workflow 

comprises: 

retrieving an approval response from the entity associated with the first 

user; and 

obtaining a certificate; 

receiving a second request for a second certificate related action for a second user 
wherein the second certificate related action is selected from a group consisting of a certificate 
enrollment action, a certificate renewal action, and a certificate revocation action; 

retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a set of characteristics for said second user from an identity profile for the 
second user maintained by the Identity System, the set of characteristics including a user type for 
the second user, and wherein retrieving the second workflow further comprises selecting the 
second workflow from the plurality of workflows based on the second certificate related action 
and the user type of the second user; and 

performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certificate without retrieving an approval response. 

22. (Previously Presented) One or more processor readable storage devices 
according to claim 21, wherein said first certificate related action is a certificate enrollment 
action and said second certificate related action is a certificate enrollment action. 

23. (Previously Presented) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate enrollment action and wherein performing said first workflow comprises: 
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obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

24. (Previously Presented) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate renewal action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; and 
receiving a certificate renewal acknowledgement. 

25. (Previously Presented) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
authenticating said first user; and 

forwarding said request to a Certificate Processing Server. 

26. (Canceled) 

27. (Currently Amended) An apparatus comprising: 
one or more communications interfaces; 

one or more storage devices; and 
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one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a method 
comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, wherein 
each workflow in said plurality of workflows corresponds to a different set of characteristics for 
a user, wherein the flrst workflow contains a first set of directives and a second workfiow in said 
plurality of workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives, wherein said flrst workflow calls for obtaining an 
approval from an entity associated with the flrst user and identifled in a user proflle for the flrst 
user maintained by the Identity System before performing a certiflcate related action, wherein 
said second workflow does not call for obtaining an approval before performing a certiflcate 
related action, wherein said flrst workflow for responding to said request corresponds to said flrst 
certiflcate related action and a set of characteristics for said flrst user from the identity proflle for 
the flrst user , the set of characteristics for the flrst user including a user type for the flrst user, 
and wherein retrieving the flrst workflow further comprises selecting the flrst workflow from the 
plurality of workflows based on the flrst certiflcate related action and the user type of the flrst 
user. 

28.-30. (Canceled) 

3 1 . (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

receiving said plurality of workflows. 
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32. (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein performing said first workflow 

comprises: 

retrieving an approval response from the entity associated with the first 

user; and 

obtaining a certificate; 

receiving a second request for a second certificate related action for a second user 
wherein the second certificate related action is selected from a group consisting of a certificate 
enrollment action, a certificate renewal action, and a certificate revocation action; 

retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a set of characteristics for said second user from an identity profile for the 
second user maintained by the Identity System, the set of characteristics including a user type for 
the second user, and wherein retrieving the second workflow further comprises selecting the 
second workflow from the plurality of workflows based on the second certificate related action 
and the user type of the second user; and 

performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certificate without retrieving an approval response. 

33. (Previously Presented) The apparatus of claim 32, wherein said first 
certificate related action is a certificate enrollment action and said second certificate related 
action is a certificate enrollment action. 

34. (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate enrollment action and wherein performing said first workflow comprises: 
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obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

35. (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate renewal action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; and 
receiving a certificate renewal acknowledgement. 

36. (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
authenticating said first user; and 

forwarding said request to a Certificate Processing Server. 

37. (Canceled) 

38. (Previously Presented) A method comprising: 

receiving a first request for a first certificate related action for a first user; 
retrieving a first workflow for responding to said first request from a plurality of 

workflows. 
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wherein said first workflow corresponds to said first certificate related 
action and a set of characteristics for said first user, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said flrst workflow calls for obtaining an approval from an entity 
associated with the first user before performing a certificate related action, 

wherein a second workfiow of the plurality of workfiows does not call for 
obtaining an approval before performing a certificate related action, and 

wherein retrieving the first workflow for responding to said first request 
further comprises selecting the first workfiow from the plurality of workfiows based on the first 
certificate related action and a user type of the first user; 

performing said first workfiow, wherein performing said first workfiow comprises 
retrieving an approval response from the entity associated with the first user and obtaining a 
certificate; 

receiving a second request for a second certificate related action for a second user; 

retrieving a second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a user type of said second user; and 

performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certiflcate without retrieving an approval response. 

39. (Previously Presented) The method of claim 38, further comprising: 
receiving said plurality of workflows. 

40. (Canceled) 

41 . (Previously Presented) The method of claim 38, wherein said first 
certificate related action and said second certificate related action call for the same certificate 
related action. 
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42. (Previously Presented) The method of claim 38, wherein receiving the 
first request, retrieving the first workflow, performing the first workflow, receiving the second 
request, retrieving the second workflow, and performing the second workflow are performed by 
an Identity System in communication with an Access System. 

43. (Previously Presented) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one or more processors to perform a method 
comprising: 

receiving a first request for a first certificate related action for a first user; 
retrieving a first workflow for responding to said first request from a plurality of 

workflows, 

wherein said first workflow corresponds to said first certificate related 
action and a set of characteristics for said first user, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said first workflow calls for obtaining an approval from an entity 
associated with the first user before performing a certificate related action, 

wherein a second workflow of the plurality of workflows does not call for 
obtaining an approval before performing a certificate related action, and 

wherein retrieving the first workflow for responding to said first request 
further comprises selecting the first workflow from the plurality of workflows based on the first 
certificate related action and a user type of the first user; 

performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from the entity associated with the first user and obtaining a 
certificate; 

receiving a second request for a second certificate related action for a second user; 
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retrieving a second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certiflcate 
related action and a user type of said second user; and 

performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certiflcate without retrieving an approval response. 

44. (Previously Presented) One or more processor readable storage devices 
according to claim 43, wherein said method further comprises: 

receiving said plurality of workflows. 

45. (Canceled) 

46. (Previously Presented) One or more processor readable storage devices 
according to claim 43, wherein said flrst certiflcate related action and said second certiflcate 
related action call for the same certiflcate related action. 

47. (Previously Presented) One or more processor readable storage devices 
according to claim 43, wherein receiving the flrst request, retrieving the flrst workflow, 
performing the flrst workflow, receiving the second request, retrieving the second workflow, and 
performing the second workflow are performed by an Identity System in communication with an 
Access System. 

48. (Previously Presented) An apparatus comprising: 
one or more communications interfaces; 

one or more storage devices; and 

one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a method 
comprising: 

receiving a flrst request for a flrst certiflcate related action for a flrst user; 
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retrieving a first workflow for responding to said first request from a plurality of 

workflows, 

wherein said first workflow corresponds to said first certificate related 
action and a set of characteristics for said first user, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said first workflow calls for obtaining an approval from an entity 
associated with the first user before performing a certificate related action, 

wherein a second workfiow of the plurality of workfiows does not call for 
obtaining an approval before performing a certificate related action, and 

wherein retrieving the first workflow for responding to said first request 
further comprises selecting the first workfiow from the plurality of workfiows based on the first 
certificate related action and a user type of the first user; 

performing said first workfiow, wherein performing said first workfiow comprises 
retrieving an approval response from the entity associated with the first user and obtaining a 
certificate; 

receiving a second request for a second certificate related action for a second user; 

retrieving a second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a user type of said second user; and 

performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certiflcate without retrieving an approval response. 

49. (Previously Presented) The apparatus of claim 48, wherein said method 
further comprises: 

receiving said plurality of workflows. 

50. (Canceled) 
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5 1 . (Previously Presented) The apparatus of claim 48, wherein said first 
certificate related action and said second certificate related action call for the same certificate 
related action. 

52. (Previously Presented) The apparatus of claim 48, wherein receiving the 
first request, retrieving the first workflow, performing the first workflow, receiving the second 
request, retrieving the second workflow, and performing the second workflow are performed by 
an Identity System in communication with an Access System. 

53. (Previously Presented) The method of claim 8, wherein obtaining an 
approval response comprises applying a Lightweight Directory Access Protocol (LDAP) filter to 
attributes of the identity profile for the first user. 
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